[Nix-dev] Re: What about introducing security.packages?
Michael Raskin
7c6f434c at mail.ru
Sat Aug 20 18:26:24 CEST 2011
<j2ol9i$hp6$1 at dough.gmane.org>)
Mime-Version: 1.0
Content-type: text/plain; charset="UTF-8"
>> * No more broken wrappers in /var/setuid-wrappers.
>> E.g., I have no wodim in systemPackages but I have /var/setuid-
>> wrappers/wodim.
>>
>> * If someone changes a package in nixpkgs so that the location of a binary
>> is changes, he sees that he should change 'suid request' accordingly.
>
>Yes, this would be great. It could be done by creating a file
>$out/nix-support/setuid-binaries specifying a list of packages that need
>to be setuid/setgid <whatever>.
Is there any rational reason for it not being a Nix-expression attribute?
Say, passthru.securityWrappers = ..
More information about the nix-dev
mailing list